Cybersecurity researchers identified 73 Microsoft VS Code extensions on the Open VSX repository linked to the GlassWorm information-stealing campaign. At least 6 extensions have been confirmed as malicious clones of legitimate counterparts, with remaining extensions acting as support infrastructure for the persistent threat.